Creating a trusted server group

To create a trusted server group by using the Windows interface
  1. To open the NAP Client Configuration console, click Start, click All Programs, click Accessories, click Run, type NAPCLCFG.MSC, and then click OK.

  2. Double-click Health Registration Settings.

  3. Right-click Trusted Server Groups, and then click New.

  4. On the Group Name page of the New Trusted Server Group wizard, type the name of the new trusted server group, and then click Next.

  5. On the Add Servers page, type the URL of an HRA server you want to add to the trusted server group, and then click Add. If your HRA server does not use server verification, then you must clear the Require server verification (https:) for all servers in this group check box before clicking Add.

  6. Repeat step 5 until you have added all of the HRA servers to the trusted server group.

  7. Click Next to review the group name and the URLs of trusted servers, and then click Finish.

Additional considerations

  • To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.

To create a trusted server group by using the command prompt
  1. To open a command prompt, click Start, click All Programs, click Accessories, and then click Command Prompt.

  2. Type: netsh nap client add trustedservergroup name = <group> requirehttps = <requirehttps>

  3. Type: netsh nap client add server group = <group> url = <url> processingorder = <processingorder>

The following table provides a guideline for the placeholder text in the Netsh command.

Placeholder Possible Values Description

<group>

Any text string. (Required)

The name of the trusted server group that you are creating.

<requirehttps>

ENABLE, DISABLE (Optional)

If set to DISABLE, then server verification (HTTPS) is not required. If no value is entered or requirehttps is set to ENABLE, then HTTPS is required.

<url>

Any valid URL, UNC path, or IP address. If requirehttps is set to ENABLED, the URL must use the https:// prefix. (Required)

The URL of the HRA server that you want to add to the trusted server group. To add multiple URLs, reuse the same server group name.

<processingorder>

Any integer less than or equal to the total number of trusted server groups. Cannot be zero (0). (Optional)

The processing priority to assign to this trusted server group.

Additional considerations

  • To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.

Additional references